fix: Refactor to use interactivebrowser login

2024-03-08 11:50:00 +11:00 · 2024-03-08 11:50:00 +11:00 · 580f64b7f2
parent 4f441fa6b4
commit 580f64b7f2
2 changed files with 53 additions and 30 deletions
--- a/pkg/graphhelper/graphhelper.go
+++ b/pkg/graphhelper/graphhelper.go
@ -2,22 +2,21 @@ package graphhelper

 import (
 	"context"
-	"fmt"
-	"os"
 	"strings"

 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
 	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
 	auth "github.com/microsoft/kiota-authentication-azure-go"
 	msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
-	// "github.com/microsoftgraph/msgraph-sdk-go/models"
-	// "github.com/microsoftgraph/msgraph-sdk-go/users"
+	"github.com/microsoftgraph/msgraph-sdk-go/models"
+	"github.com/microsoftgraph/msgraph-sdk-go/users"
 )

 type GraphHelper struct {
-	deviceCodeCredential *azidentity.DeviceCodeCredential
-	userClient           *msgraphsdk.GraphServiceClient
-	graphUserScopes      []string
+	// deviceCodeCredential *azidentity.DeviceCodeCredential
+	InteractiveBrowserCredential *azidentity.InteractiveBrowserCredential
+	userClient                   *msgraphsdk.GraphServiceClient
+	graphUserScopes              []string
 }

 func NewGraphHelper() *GraphHelper {
@ -26,25 +25,30 @@ func NewGraphHelper() *GraphHelper {
 }

 func (g *GraphHelper) InitializeGraphForUserAuth() error {
-	clientId := os.Getenv("CLIENT_ID")
-	tenantId := os.Getenv("TENANT_ID")
-	scopes := os.Getenv("GRAPH_USER_SCOPES")
+	// clientId := os.Getenv("CLIENT_ID")
+	clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
+	// tenantId := os.Getenv("TENANT_ID")
+	tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
+	// scopes := os.Getenv("GRAPH_USER_SCOPES")
+	scopes := "user.read"
 	g.graphUserScopes = strings.Split(scopes, ",")

 	// Create the device code credential
-	credential, err := azidentity.NewDeviceCodeCredential(&azidentity.DeviceCodeCredentialOptions{
+	// credential, err := azidentity.NewDeviceCodeCredential(&azidentity.DeviceCodeCredentialOptions{
+	credential, err := azidentity.NewInteractiveBrowserCredential(&azidentity.InteractiveBrowserCredentialOptions{
 		ClientID: clientId,
 		TenantID: tenantId,
-		UserPrompt: func(ctx context.Context, message azidentity.DeviceCodeMessage) error {
-			fmt.Println(message.Message)
-			return nil
-		},
+		// UserPrompt: func(ctx context.Context, message azidentity.DeviceCodeMessage) error {
+		// 	fmt.Println(message.Message)
+		// 	return nil
+		// },
+		RedirectURL: "https://alias.spamasaurus.com/",
 	})
 	if err != nil {
 		return err
 	}

-	g.deviceCodeCredential = credential
+	g.InteractiveBrowserCredential = credential

 	// Create an auth provider using the credential
 	authProvider, err := auth.NewAzureIdentityAuthenticationProviderWithScopes(credential, g.graphUserScopes)
@ -66,7 +70,7 @@ func (g *GraphHelper) InitializeGraphForUserAuth() error {
 }

 func (g *GraphHelper) GetUserToken() (*string, error) {
-	token, err := g.deviceCodeCredential.GetToken(context.Background(), policy.TokenRequestOptions{
+	token, err := g.InteractiveBrowserCredential.GetToken(context.Background(), policy.TokenRequestOptions{
 		Scopes: g.graphUserScopes,
 	})
 	if err != nil {
@ -75,3 +79,15 @@ func (g *GraphHelper) GetUserToken() (*string, error) {

 	return &token.Token, nil
 }
+
+func (g *GraphHelper) GetUser() (models.Userable, error) {
+	query := users.UserItemRequestBuilderGetQueryParameters{
+		// Only request specific properties
+		Select: []string{"displayName", "mail", "userPrincipalName"},
+	}
+
+	return g.userClient.Me().Get(context.Background(),
+		&users.UserItemRequestBuilderGetRequestConfiguration{
+			QueryParameters: &query,
+		})
+}
--- a/pkg/spamasaurusrex/main.go
+++ b/pkg/spamasaurusrex/main.go
@ -15,25 +15,35 @@ import (
 )

 func handler(w http.ResponseWriter, r *http.Request) {
-	query := r.URL.Query()
-	name := query.Get("name")
-
 	graphHelper := graphhelper.NewGraphHelper()
-
 	initializeGraph(graphHelper)
-	greetUser(graphHelper)

-	if name == "" {
-		name = "Guest"
+	user, err := graphHelper.GetUser()
+	if err != nil {
+		log.Panicf("Error getting user: %v\n", err)
 	}
-	log.Printf("Received request for %s\n", name)
-	w.Write([]byte(fmt.Sprintf("Hello, %s\n", name)))
+
+	fmt.Printf("Hello, %s!\n", *user.GetDisplayName())
+	w.Write([]byte(fmt.Sprintf("Hello, %s\n", *user.GetDisplayName())))
+
+	// query := r.URL.Query()
+	// name := query.Get("name")
+	// w.Write([]byte(fmt.Sprintf("Hello, %s\n", name)))
 }

 func healthHandler(w http.ResponseWriter, r *http.Request) {
 	w.WriteHeader(http.StatusOK)
 }

+func loginHandler(w http.ResponseWriter, r *http.Request) {
+	clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
+	tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
+	redirectURI := "https://alias.spamasaurus.com/"
+
+	http.Redirect(w, r,
+		"https://login.microsoftonline.com/"+tenantId+"/oauth2/v2.0/authorize?client_id="+clientId+"&response_type=code&redirect_uri="+redirectURI+"&scope=openid profile offline_access", http.StatusMovedPermanently)
+}
+
 func readinessHandler(w http.ResponseWriter, r *http.Request) {
 	w.WriteHeader(http.StatusOK)
 }
@ -44,6 +54,7 @@ func main() {

 	r.HandleFunc("/", handler)
 	r.HandleFunc("/health", healthHandler)
+	r.HandleFunc("/login", loginHandler)
 	r.HandleFunc("/readiness", readinessHandler)

 	srv := &http.Server{
@ -88,10 +99,6 @@ func initializeGraph(graphHelper *graphhelper.GraphHelper) {
 	}
 }

-func greetUser(graphHelper *graphhelper.GraphHelper) {
-	// TODO
-}
-
 func displayAccessToken(graphHelper *graphhelper.GraphHelper) {
 	token, err := graphHelper.GetUserToken()
 	if err != nil {